The Mind Of A Hacker- A Students Perspective
The next module, “The Mind Of A Hacker”, was another great module. This time we were focused on the mindset of being a hacker. The video included in this module was short and sweet, but contained some pretty powerful lessons. The difference in Convergent Intelligence versus Divergent Intelligence, and the three types of Reasoning used in Problem Solving: Deductive, Inductive, and Abductive. Convergent Intelligence is basically what we have learned in western schools of thought: Taking multiple pieces of evidence and forming a fact. Whereas Divergent Intelligence is taking a fact, and coming up with multiple ideas and solutions. Divergent Intelligence needs to be developed in order to be a great penetration tester.
When it comes to Problem Solving, there was a focus on Inductive and Abductive reasoning. Inductive reasoning is taking evidence and then forming a rule with the evidence, and Abductive reasoning is looking at a set of evidence and forming a “best guess” answer to it.
Recursion was also brought up, which was interesting. I really had only heard this term thrown around in terms of programming, but taking that next step and applying it as a method of analysis was definitely intriguing. Lead Instructor, Mike Murray mentioned that this would come up again in future modules, so I’m looking forward to what role this will play.
These are simple lessons but they are definitely challenging to put into practice. The lab with this module was also pretty interesting, just some short multiple answer quizzes with immediate feedback. This was a huge eye opener for me. I actually got a headache from the questions being asked, even though they were pretty simple. But it challenged me to think in ways that I hadn’t in a long time and it felt great. I have a lot of work to do in these areas to say the least.
My biggest takeaway from this module is to always think outside of the box and to question everything. Just because something is assumed to be secure, don’t make the same assumption. Case in point: SSL. Look at how the fabric of the SSL system has crumbled in recent months due to all of the recent hacks. These flaws surfaced due to those who continued to question and not to just simply accept that something was impossible.